Scientific Linux Security Update : wget on SL7.x x86_64
High Nessus Plugin ID 104207
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- A stack-based and a heap-based buffer overflow flaws were found in wget when processing chunked encoded HTTP responses. By tricking an unsuspecting user into connecting to a malicious HTTP server, an attacker could exploit these flaws to potentially execute arbitrary code. (CVE-2017-13089, CVE-2017-13090)
SolutionUpdate the affected wget and / or wget-debuginfo packages.